(Some systems use gpg2
instead of gpg
, same thing but different name)
gpg --full-gen-key
. RSA and RSA (the default) and use 4096 lenght.
gpg --list-keys --keyid-format LONG
. The $ID I'll be refering from now on goes after the pub rsa4096/
part.
gpg --armor --export $ID
. This will echo something like:
-----BEGIN PGP PUBLIC KEY BLOCK-----
sdafasdfasdfasdfoiiowenm3245235t90adwnef
BUNCH OF RANDOM HACKER STUF
aoisdnfo0iasdnofino4in23otinoijaf09dscm90432
-----END PGP PUBLIC KEY BLOCK-----
Now you can add the whole thing (the ---BEGIN--- and --END-- part too) to your repository server as your GPG key.
git commit -S -m "message"
. See the -S
option.
To make signing a default, use git config --global commit.gpgsign true
.
To sign a tag: git tag -s mytag
Verify a tag: git tag -v mytag
Export: gpg --export-secret-keys $ID > my-private-key.asc
Import: gpg --import my-private-key.asc
This will be my setup as I'm new to GPG and will want to get more comfortable with this before setting a more complex and secure system, like the one described here.